local root ~= remote root

Posted Nov 30, 2003 21:36 UTC (Sun) by iabervon (subscriber, #722)
In reply to: local root ~= remote root by ncm
Parent article: Debian.org compromise update

In some cases, the security issue is more remote user-level exploits;
it's reasonably likely that on a desktop, most of the significant
information could be read without priviledge escalation, and the box is
secured to avoid remote access to the machine at all. In fact, remote
access in general may be a narrower window to secure.

Of course, local root exploits are still significant, because more damage
may be caused by an attacker if they are available. Furthermore, it's
very hard to ensure the security of a remotely accessible user account,
so local root exploits only don't matter if there is no possibility of a
non-local user of any sort.